Re: [squid-users] Re: Access control problem

From: Amos Jeffries <>
Date: Thu, 11 Nov 2010 22:48:33 +1300

On 10/11/10 05:15, mrmmm wrote:
> Amos Jeffries-2 wrote:
>> Your initial message said "among other stuff I have". The conclusion
>> then has to be that somewhere in that other stuff is http_access rules
>> which bypass the ones you mentioned here.
>> Amos
>> --
> By "other stuff" i mean specific deny entries.

*all* of them? not one single "http_access allow" somewhere up top?

> Most of them are of type "URL
> Regexp" and have just one entry per rule, and they work fine. It seems that
> the problem is that for some reason when I have multiple entries per rule (a
> file with a list of sites) it is not denying them properly. However, it does
> appear that Squid reads them because I put a couple of duplicates in the
> file (on purpose) and when squid loads I get the message:
> WARNING: '' is a subdomain of ''
> WARNING: because of this '' is ignored to keep splay tree
> searching predictable
> WARNING: You should probably remove '' from the ACL named
> 'denybadsites'

oooh. You were talking about regex ACL not working then provide an
example of a dstdomain error. Mixing or crossing patterns could be the
source of your failure.

What is your *full* config please? along with the output of "squid -v"


Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.9
   Beta testers wanted for
Received on Thu Nov 11 2010 - 09:48:39 MST

This archive was generated by hypermail 2.2.0 : Thu Nov 11 2010 - 12:00:06 MST